Enabling PIV-Compliant Government Mobility

Employee mobility allows government agencies to improve productivity, control costs and deliver better service to citizens. Because of strict and specific security regulations, however, enabling mobility can be a complex undertaking for most agencies. Entrust Datacard eliminates that complexity and enables highly secure mobility with a portfolio of proven Personal Identity Verification (PIV) solutions.

Entrust Datacard Authentication

Complete Solution for NIST 800-157

Our popular Derived PIV/CAC credential solution enables true mobility for government organizations by providing secure, anywhere-anytime access to applications, work files and systems. Our complete offering includes deployment, user enrollment and credential management. It aligns with NIST SP 800-157 for compliance with the HSPD12/FIPS 201-2 Personal Identity Verification (PIV) requirements.

Entrust Datacard Authentication

Integration with EMM Platforms

The Entrust Datacard derived PIV credential solution is fully integrated with leading EMM platforms. This enables an enhanced level of protection and policy control, plus a transparent user experience — there’s no longer any need to use OTPs. These integrations allow EMM vendor applications to use the derived PIV credential for strong user and device authentication prior to accessing resources.

Entrust Datacard Authentication

Deriving Trust from Bound Identities

Our mobile smart credential application is encoded like a PIV smart card, with a digital structure that adheres to PIV standards. This allows the mobile smart credential to be encoded with the same certificate types and use the same communication language traditionally used on physical PIV smart cards. Available for Apple iOS, Google Android and BlackBerry mobile operating systems.

Entrust Datacard Authentication

Self-Service Capabilities

A unique self-service module enables anywhere-anytime onboarding and credential management. After authorized users are granted access, they can request and manage derived PIV credentials remotely —without IT or administrative support. This reduces both operational costs and the need for enrollment kiosks.

Entrust Datacard Authentication

PIN Unlock, Reset via SMS

Unlike PIV smartcards, PIN unblock and reset features are easily self-managed through our self-service module or directly on the user’s mobile device. There’s no need for a specialized kiosks. If policy does not allow for users to unlock or reset derived credential PINs, or if users lose their mobile devices, the self-service module allows for remote suspension or revocation of the old derived credential.

How the Enrollment Process Works

Our solution can be configured to align with multiple derived PIV credential activation methods, including:

• QR code with password displayed

• QR code with password via encrypted email

• Email with password displayed

• Email with password via encrypted email

Use Cases and Authentication Methods

Derived credentials are leveraged to increase security in two ways. An advantage of our solution is that both methods of access can be easily configured:

• Enabling access to certificate-enabled mobile applications for authentication directly through the mobile device – removing the need for username and password.

• Using the derived credential to provide logical access to a traditional workstation or laptop; similar to how a PIV smartcard is used for SCLO.


Request a Demo

Request a demo with an IntelliTrust authentication platform specialist.

Our Products

Cloud-Based Deployment


Secure your enterprise and give your users secure access to everything — applications, networks, computers, doors — with cloud-based multi-factor authentication.

On-Premises Deployment


Experienced security professionals in corporations, banks and government agencies know the name IdentityGuard and trust it to protect and enable what matters to them.

SMS Passcode™

SMS Passcode authenticates users by sending a real-time, session-specific one-time passcode (OTP) to the user’s mobile phone via SMS, app, voice-call or email.

Beyond Security

Our Authentication Platform Empowers You to Do More


Meet PSD2 Regulations


Streamline IT Management


Enable PIV Compliance